Linksys WRT32X, the router that scored the highest in the Cyber-ITL security-focused case study.
Many of today's most popular home router models don't take full advantage of the security features that come with the Linux operating system, which many of them use as a basis for their firmware.Security hardening features such as ASLR (Address Space Layout Randomization), DEP (Data Execution Prevention), RELRO (RELocation Read-Only), and stack guards have been found to be missing in a recent security audit of 28 popular home routers.
Security experts from the Cyber Independent Testing Lab (Cyber-ITL) analyzed the firmware of these routers and mapped out the percentage of firmware code that was protected by the four security features listed above.
"The absence of these security features is inexcusable," said Parker Thompson and Sarah Zatko, the two Cyber-ITL researchers behind the study.
"The features discussed in this report are easy to adopt, come with no downsides, and are standard practices in other market segments (such as desktop and mobile software)," the two added.
While some routers had 100 percent coverage for one feature, none implemented all four. Furthermore, researchers also found inconsistencies in applying the four security features within the same brand, with some router models from one vendor rating extremely high, while others had virtually no protection.
According to the research team, of the 28 router firmware images they analyzed, the Linksys WRT32X model scored highest with 100 percent DEP coverage for all firmware binaries, 95 percent RELRO coverage, 82 percent stack guard coverage, but with a lowly 4 percent ASLR protection...
Read more: Most home routers don't take advantage of Linux's improved security features | ZDNet
- 64-bit Windows 10
- Computer type
- System Manufacturer/Model Number
- Custom self built
- Intel i7-8700K OC'd to 5 GHz
- ASUS ROG Maximus XI Formula Z390
- 16 GB (8GBx2) G.SKILL TridentZ DDR4 3200 MHz
- Graphics Card(s)
- ASUS ROG-STRIX-GTX1080TI-O11G-GAMING
- Sound Card
- Integrated Digital Audio (S/PDIF)
- Monitor(s) Displays
- 3 x 27" Asus VE278Q
- Screen Resolution
- Hard Drives
250GB Samsung 960 EVO M.2,
256GB OCZ Vector,
6TB WD Black WD6001FZWX
8TB WD MyCloudEX2Ultra NAS
- OCZ Series Gold OCZZ1000M 1000W
- Thermaltake Core P3
- Corsair Hydro H115i
- Logitech wireless K800
- Logitech MX Master
- Internet Speed
- 1 Gb/s Download and 35 Mb/s Upload
- Internet Explorer 11
- Malwarebyte Anti-Malware Premium
- Other Info
Logitech Z625 speaker system,
Logitech BRIO 4K Pro webcam,
HP Color LaserJet Pro MFP M477fdn,
Linksys EA9500 router,
Arris SB8200 cable modem,
APC SMART-UPS RT 1000 XL - SURT1000XLI,
Lumia 1520 phone